On 10/12/19 10:21 AM, Matt Darfeuille wrote: > On 10/12/2019 5:18 PM, Andreas Günther wrote: >> I would need help with the rules for Icinga at a KVM host (internal IP >> 192.168.1.66) with multiple VM guests. The Icinga Master runs on >> 192.168.1.66 >> and one Icinga client runs on 192.168.1.70. >> > > Have you looked here for connection issues: > > http://shorewall.org/troubleshoot.htm#Connections > > Also, looking at the below link might be useful: > > http://shorewall.org/manpages/shorewall-interfaces.html > > In particular: > > - "Beginning with Shorewall 4.5.3, the interfaces file supports two > different formats: > FORMAT 1 (default - deprecated) > There is a BROADCAST column which can be used to specify the broadcast > address associated with the interface. > FORMAT 2 > The BROADCAST column is omitted. > The format is specified by a line as follows: > ?FORMAT {1|2}" > > > - "bridge > Designates the interface as a bridge. Beginning with Shorewall 4.4.7, > setting this option also sets routeback. > Note > If you have a bridge that you don't intend to define bport zones on, > then it is best to omit this option and simply specify routeback." >
If this information doesn't allow you to correct the problem, then please refer to http://www.shorewall.org/support.htm#Guidelines There you will find instructions for submitting the output of 'shorewall dump' for analysis; that is the best way of requesting help with connection issues. Thanks, -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
